PT-2026-24811 · Undefined · Undefined

Published 2026-03-11 · Updated 2026-03-16 · CVE-2025-20435 · None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
The report circulating about "LDN-2026-0301" is false and based on manipulated screenshots. There is no such vulnerability in Ledger's transport layer, and no firmware update like the one described.
The real research from the Ledger Donjon relates to CVE-2025-20435 (https://t.co/Hx0yDcPxSk), a vulnerability affecting certain Android phones with MediaTek chips. In a compromised phone scenario, attackers may be able to extract data from software wallets. This highlights an important point: software wallets depend on the security of the phone they run on. If the phone is compromised, sensitive data can be exposed.
Hardware wallets are designed to prevent this. Your private keys stay inside the secure element, and the only information you should trust is what appears on your Ledger's secure screen before signing.
Ledger follows a zero-trust security model. Whether you connect to a phone or a computer, the device itself shows the final transaction details. If anything were changed by a malicious app or compromised system, it would appear on the device before you approve the transaction.
A good reminder for everyone in crypto: screenshots and "reports" can be edited. What matters is what your device shows you before you sign.
You can read the details of the real research from our CTO Charles Guillemet here: https://t.co/N9PcEbBUIL

Related Identifiers

CVE-2025-20435

Affected Products

Undefined